WordPress.org

Ready to get started?Download WordPress

Forums

Upgrade to WP 3.5.1 Network - SSL peer certificate or SSH remote key was not OK (6 posts)

  1. acjohnson1985
    Member
    Posted 1 year ago #

    I just upgraded our site to WordPress 3.5.1 and we have a Network installation using subdomains. After running the update successfully I told it to run the Network Update and I kept getting this error message:

    Warning! Problem updating Error message: SSL peer certificate or SSH remote key was not OK

    Immediately I realized that I was getting this message since we are using a non-wildcard certificate. I did some reasearch and discovered that this is a cURL error message and that the CURLOPT_SSL_VERIFYHOST php option enables or disables SSL certificate verification.

    I then ran grep -ri "CURLOPT_SSL_VERIFYHOST" * from the root of our WordPress installation and found a line in /wp-includes/class-http.php and I changed that line from:

    curl_setopt( $handle, CURLOPT_SSL_VERIFYHOST, ( $ssl_verify === true ) ? 2 : false );

    To:

    curl_setopt( $handle, CURLOPT_SSL_VERIFYHOST, ( $ssl_verify === false ) ? 2 : false );

    ...and now it allows me to run the Network Update.

    Just thought I'd post this here incase someone else is too lazy (or cheap) to pay for a wildcard certificate and finds themselves in the same situation :)

  2. Please don't edit core. Lazy and cheap will cause heartache and pain. DO NOT EDIT CORE WORDPRESS FILES

  3. acjohnson1985
    Member
    Posted 1 year ago #

    Would you please post a better solution then?

  4. You already know the real answer: Buy a wildcard cert. Hello.

    You're using a NON wildcard cert on a wildcard situation, that's not WP really, that's you. The other 'fix' is to turn off SSL, upgrade, turn it back on.

  5. acjohnson1985
    Member
    Posted 1 year ago #

    Yeah, except that it worked just fine until I upgraded to WP 3.5.1 and we've been running the same configuration since WP 2.x without any issues... Something got changed in 3.5.1 and now it does not work the way that it did before so making a tiny code change to allow an invalid SSL certificate fixes the problem.

    Once finished running the Network Update, simply change CURLOPT_SSL_VERIFYHOST back to true and your done. Seems like a good solution to me if you are unwilling to pay for a wildcard cert or if you choose to use a self-signed cert...

  6. JHouse
    Member
    Posted 10 months ago #

    Thanks AC Johnson, this simple and little band-aid did the trick until we get a wildcard cert. Changed it to False, Updated, then changed it back to True. Woohoo.

Topic Closed

This topic has been closed to new replies.

About this Topic